Commit ea99567d authored by Côme Chilliet's avatar Côme Chilliet

Merge branch...

Merge branch '5983-write-acl-on-user-userroles-groupsmembership-not-working-when-write-restrictions-are-set-on-other-user-user-fields' into '1.4-dev'

Resolve "Write ACL on user / userRoles / groupsMembership not working when write restrictions are set on other user / user fields."

See merge request fusiondirectory/fd!585

(cherry picked from commit d7e352d4)

196bbe1e 🚑 fix(core) Fix ACL check on wrong category for groupsMembership
parent a1555d83
...@@ -368,12 +368,12 @@ class ogroup extends simplePlugin ...@@ -368,12 +368,12 @@ class ogroup extends simplePlugin
$addingMembers = array_diff($userMembers, $savedMembers); $addingMembers = array_diff($userMembers, $savedMembers);
$removingMembers = array_diff($savedMembers, $userMembers); $removingMembers = array_diff($savedMembers, $userMembers);
foreach ($addingMembers as $dn) { foreach ($addingMembers as $dn) {
if (strpos($ui->get_permissions($dn, 'user/user', 'groupsMembership', $this->acl_skip_write()), 'w') === FALSE) { if (strpos($ui->get_permissions($dn, 'user/userRoles', 'groupsMembership', $this->acl_skip_write()), 'w') === FALSE) {
$errors[] = msgPool::permModify($dn, 'groupsMembership'); $errors[] = msgPool::permModify($dn, 'groupsMembership');
} }
} }
foreach ($removingMembers as $dn) { foreach ($removingMembers as $dn) {
if (strpos($ui->get_permissions($dn, 'user/user', 'groupsMembership', $this->acl_skip_write()), 'w') === FALSE) { if (strpos($ui->get_permissions($dn, 'user/userRoles', 'groupsMembership', $this->acl_skip_write()), 'w') === FALSE) {
$errors[] = msgPool::permModify($dn, 'groupsMembership'); $errors[] = msgPool::permModify($dn, 'groupsMembership');
} }
} }
......
...@@ -124,12 +124,12 @@ class roleGeneric extends simplePlugin ...@@ -124,12 +124,12 @@ class roleGeneric extends simplePlugin
$addingOccupants = array_diff($this->roleOccupant, $savedOccupants); $addingOccupants = array_diff($this->roleOccupant, $savedOccupants);
$removingOccupants = array_diff($savedOccupants, $this->roleOccupant); $removingOccupants = array_diff($savedOccupants, $this->roleOccupant);
foreach ($addingOccupants as $dn) { foreach ($addingOccupants as $dn) {
if (strpos($ui->get_permissions($dn, 'user/user', 'rolesMembership', $this->acl_skip_write()), 'w') === FALSE) { if (strpos($ui->get_permissions($dn, 'user/userRoles', 'rolesMembership', $this->acl_skip_write()), 'w') === FALSE) {
$errors[] = msgPool::permModify($dn, 'rolesMembership'); $errors[] = msgPool::permModify($dn, 'rolesMembership');
} }
} }
foreach ($removingOccupants as $dn) { foreach ($removingOccupants as $dn) {
if (strpos($ui->get_permissions($dn, 'user/user', 'rolesMembership', $this->acl_skip_write()), 'w') === FALSE) { if (strpos($ui->get_permissions($dn, 'user/userRoles', 'rolesMembership', $this->acl_skip_write()), 'w') === FALSE) {
$errors[] = msgPool::permModify($dn, 'rolesMembership'); $errors[] = msgPool::permModify($dn, 'rolesMembership');
} }
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment